Securing healthcare against the ‘epidemic’ of cyber attacks

By CyberArk

Interview with June Tay, District Sales Manager, Public Sector, CyberArk.

Chinese philosopher Sun Tzu once said that in the midst of crisis, there is also opportunity. Unfortunately, cybercriminals seem to have taken him up on his advice.

The FBI has seen three to four times as many cyber attacks since the pandemic began. Healthcare organisations have fallen victim to these attacks, despite promises from some cybercrime gangs that they will not interfere in the work of saving lives.

For those on the frontlines of the global battle against the coronavirus, locked-up files and compromised patient data should be the least of their worries. June Tay, District Sales Manager, Public Sector at security firm CyberArk, explains how healthcare providers can guard against malicious cyber attacks.

What threats do healthcare providers face?

Ransomware, phishing attempts and other scams have not let up amidst the pandemic, Tay notes. On the contrary, cybercriminals seem to have become more eager.

Tay highlights one type of attack that has become more prominent in the Covid-19 crisis: Maze ransomware. This not only locks up an organisation’s systems and demands payment, but also threatens to release its confidential data on the internet. With patient records on the line, this type of ransomware is particularly insidious for healthcare organisations.

Healthcare providers and countries are also exchanging information, such as healthcare data and travel histories of infected patients, in greater volume and more frequently. This “highway of information” can be highly vulnerable to cybercriminals, says Tay.

What can healthcare providers do to stop hackers?

It won’t do for healthcare providers to worry about cyber attacks while saving lives. “While there is no silver bullet for ransomware prevention, there are a number of steps government agencies and enterprises alike can take to dramatically reduce the risk of malware, such as Maze Ransomware, from spreading and wreaking major havoc,” Tay says.

The first thing to do is to back up all critical data. Organisations should prioritise their most crucial data and consistently save it in a secure, offsite location. This way, even if their files have been locked and held for ransom, the organisation can continue running, explains Tay.

Second, always patch software to keep it up to date. Think of patches as band-aids for your software: they fix bugs and security vulnerabilities until a major upgrade is released. “Consistently patching endpoints and servers will dramatically reduce the attack surface, making a compromise far less likely,” Tay says.

Third, keep an eye out for phishing scams. This is especially important at a time when confusion, worry and desire for information are at their peaks. Employees should be wary of suspicious calls, emails or texts, as they may contain links that allow hackers to install malware in the network.

The final step is to be able to contain attacks when they hit. While organisations should teach employees about phishing scams, this is not enough to stop hackers in their tracks, Tay explains. “The greatest risk comes from an inability to contain attackers from affecting or accessing critical data and assets – not from the initial attacker infiltration, which is nearly impossible to stop.”

The most effective way of protecting critical data from cybercriminals, Tay says, is to shut off user access for compromised accounts. That way, even after hackers get into the system, they wouldn’t be able to get their hands on important files. This will help “mitigate the risk of malware like Maze Ransomware spreading from its initial infection point,” she points out.

CyberArk’s cyber defense tool also monitors usage patterns of privileged accounts to establish a baseline. Organisations can then quickly identify any anomalous behaviour and restrict the misused account’s access to highly sensitive systems. It even offers a safe environment for organisations to test their cyber defenses, so they know of any gaps before hackers strike.

How to innovate while staying secure

The pandemic is placing immense pressure on the global healthcare system. As patient numbers continue to surge, hospitals need to find new ways to cope, and fast.

Hospitals are looking to scale up their tech and launch new services quickly. Tech such as the cloud, robotics and DevOps could help. DevOps is an approach that brings together developers and operations so organisations can improve and adapt tools as they build. This is a lot more efficient than the traditional method of building services linearly.

Developer teams can also integrate cybersecurity into the process, instead of adding it only as an afterthought once the service has been built. This means they can implement uniform security standards at every possible point of entry in the service and eliminate potential weak links.

Attackers are taking advantage of any network vulnerabilities to cause more chaos in these uncertain times. “It’s becoming an epidemic,” says Tay. With so much on the line, healthcare organisations need to think about how they can protect their patients, not just from illnesses, but from cyber attacks as well.

To show how easy it is to remove local admin rights, CyberArk is now offering a free 30-day trial of its Endpoint Privilege Manager (EPM) solution, which enables you to effectively reduce the risk of endpoint attacks.